nuttx/nuttx-update
1
2
Fork 1
Code Issues 1 Pull requests 1 Projects Releases Packages Wiki Activity Actions

mm/heap: fix heap crash when use KASAN SW_TAG

Browse source 
Signed-off-by: ligd <liguiding1@xiaomi.com>
This commit is contained in:
ligd 2024-03-25 21:04:49 +08:00 committed by Xiang Xiao
parent 26dc3b297a
commit 5258e48be6
3 changed files with 5 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
mm/mm_heap/mm_free.c
View file

@ -116,7 +116,8 @@ void mm_delayfree(FAR struct mm_heap_s *heap, FAR void *mem, bool delay)
/* Map the memory chunk into a free node */
node = (FAR struct mm_freenode_s *)((FAR char *)mem - MM_SIZEOF_ALLOCNODE);
node = (FAR struct mm_freenode_s *)
((FAR char *)kasan_reset_tag(mem) - MM_SIZEOF_ALLOCNODE);
nodesize = MM_SIZEOF_NODE(node);
/* Sanity check against double-frees */

2
mm/mm_heap/mm_memalign.c
View file

@ -141,6 +141,8 @@ FAR void *mm_memalign(FAR struct mm_heap_s *heap, size_t alignment,
kasan_poison((FAR void *)rawchunk,
mm_malloc_size(heap, (FAR void *)rawchunk));
rawchunk = (uintptr_t)kasan_reset_tag((FAR void *)rawchunk);
/* We need to hold the MM mutex while we muck with the chunks and
* nodelist.
*/

2
mm/mm_heap/mm_realloc.c
View file

@ -132,7 +132,7 @@ FAR void *mm_realloc(FAR struct mm_heap_s *heap, FAR void *oldmem,
/* Map the memory chunk into an allocated node structure */
oldnode = (FAR struct mm_allocnode_s *)
((FAR char *)oldmem - MM_SIZEOF_ALLOCNODE);
((FAR char *)kasan_reset_tag(oldmem) - MM_SIZEOF_ALLOCNODE);
/* We need to hold the MM mutex while we muck with the nodelist. */